Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-t7wm-9sa4-2yff
Vulnerability ID VCID-t7wm-9sa4-2yff
Aliases CVE-2015-7178
Summary Security researcher Ronald Crane reported two issues in the libGLES portions of the ANGLE graphics library, used for WebGL and OpenGL content on Windows systems. The first of these is a missing bounds check leading to memory safety errors when manipulating shaders which could result in the writing to unowned memory. The second issue also affects shaders when insufficient memory is allocated for a shader attribute array, leading to a buffer overflow. Both of these issues can lead to a potentially exploitable crash. These issues are specific to Windows and does not affect Linux or OS X systems. In general this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled, but is potentially a risk in browser or browser-like contexts.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-805 Buffer Access with Incorrect Length Value
System Score Found at
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
epss 0.01524 https://api.first.org/data/v1/epss?cve=CVE-2015-7178
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2015-113
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7178.json
https://api.first.org/data/v1/epss?cve=CVE-2015-7178
1265201 https://bugzilla.redhat.com/show_bug.cgi?id=1265201
CVE-2015-7178 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7178
mfsa2015-113 https://www.mozilla.org/en-US/security/advisories/mfsa2015-113
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.81207
EPSS Score 0.01524
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:18:24.729684+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-113.md 38.0.0